Understanding Data and Security
Data privacy and security are critical components that ensure safe and ethical handling of data collected and processed from managed entities (devices and assets) in any IoT setup. In Zoho IoT, as part of privacy and security feature, we have integrated functionalities to comply with GDPR data protection requirements for PII (Personally Identifiable Information), along with data encryption, data slicing, password protection for files and more. This ensures legal adherence, safeguards user privacy, builds trust, prevents data breaches, and respects user rights.
This document on data protection provides an overview of the key security features and practices that safeguard customer data within the Zoho IoT application.
Image: Key data protection features in Zoho IoT
Understanding Data Privacy
Establishing Privacy with GDPR
GDPR emphasizes the protection of PII (Personally Identifiable Information). Any data that can uniquely identify an individual is considered PII, and safeguarding this information is essential for maintaining privacy and data security. GDPR, along with similar regulations, focuses on ensuring that personal information is properly protected.
PII Data Classification
In Zoho IoT, PII data is classified into two types: Sensitive(e.g., device identification number, driver license number, financial information, etc.) and Non-sensitive(e.g., name, address, date of birth, phone number). This classification is mostly used for segregation purposes.PII Data in Custom Fields and Datapoints
While creating custom fields and datapoints in the application, you can configure to store them as PII data. You can also configure custom fields to encrypt and store the PII values when saving to servers, if required.PII Data Restrictions
Administrators have options to control and limit your organization users' access to sensitive data related to your application's fields and datapoints.You can configure the GDPR Settings from the General Data Protection Configuration Settings under Compliance Settings to restrict access to PII data.
Understanding Data Security
Security measures are essential for safeguarding sensitive data in the IoT application. Key security features like data encryption, data slicing, and password protection for files play a vital role in ensuring data security and preventing unauthorized access. Zoho IoT incorporates built-in features within the application to safeguard customer data, in addition to implementing security by design.
Device Data Encryption
Zoho IoT provides support for encrypting device data both in transit and at rest, using TLS 1.2/1.3 with Perfect Forward Secrecy and AES-256 respectively. For device communication, TLS authentication modes are available for communication with the cloud application. Learn More
Password Protection
Support for file protection with a password is available for exported reports and device registration details. The passwords are provided by the user generating the report or registering the device, ensuring that sensitive reports are accessible only to authorized users. Learn More
Access Control
Application owners can manage and restrict the amount of data that users added by them can access using the Profiles and Data slicing feature. They can establish a strong level of control over which users can view specific data.
Audit Log
Audit logs within the Zoho IoT application serve as a comprehensive record of all user and system activities, capturing detailed information about every action performed. These logs document key events such as user logins, data modifications, device interactions, and configuration changes, all recorded in a precise, chronological order.
Email Security
Zoho IoT provides security in email communications by providing customization options for the sender's email address. This configuration helps to avoid mails landing in spam folders, thus securing emails.
Zoho Privacy and Security
Multi-Factor Authentication (MFA): In addition to the above features, Zoho provides account-based security using Multi-factor Authentication for sign-in. With MFA enabled in the Zoho account, users will be able to sign-in by verifying their identity using a password and an OTP received via an Email or SMS or Authentication app. This ensures that your account isn't accessed by any unknown users.
Refer to our company-wide Security and Compliance documents and the FAQ document on security for complete details.
https://www.zoho.com/security.html
https://www.zoho.com/compliance.html
https://www.zoho.com/security-faq.html
See Also
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Configuring Data and Security
Working with Security Features Privacy and security are essential in IoT setups to safeguard the sensitive data collected from devices and assets. This document outlines a step-by-step procedure for configuring GDPR and other security features in the ...Understanding Devices
In Zoho IoT applications, a device represents a real world entity that can be a gateway, a smart device, a sensor, or even a virtual service/system application that needs to be managed and monitored. Devices in the application are the essential ...Understanding Certificates
In any network where data communication occurs, authentication is crucial for establishing a secure and trustworthy communication channel. In Zoho IoT, Transport Layer Security (TLS) ensures that the data transmitted between the device and the server ...Understanding Actions
In an IoT setup, you may have to trigger various actions, such as sending notification emails to relevant personnel, connecting to a third-party URL via. webhook, or executing custom business logic on certain conditions. These actions are generally ...Understanding Data Slicing Rules
Data Slicing rules can be defined to dictate what data and records are accessible for each user in the Zoho IOT application. Data Slicing is highly useful in building dashboards and generating reports. Consider a dashboard designed to monitor an ...
New to Zoho LandingPage?
Zoho LandingPage Resources